An organization that actively builds and maintains a positive reputation gains a competitive advantage and improves its credibility if an event occurs that impacts that reputation. This paper lays the groundwork and helps stimulate thought around managing reputation risk, providing...
Since the introduction of the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), data privacy has become an essential aspect of Third Party Risk Management (TPRM). With constant changes in data privacy regulations, staying up-to-date with...
Regulators have developed “principles-based guidance that provides a flexible, risk-based approach to third-party risk management that can be adjusted to the unique circumstances of each third-party relationship.” On June 6th, less than 20 months after comments closed, the Federal Reserve,...
While excellent ransomware guides and tools exist from various sources, our new guide (Third Party Focused Ransomware Strategy: An Enterprise-Wide Collaborative Strategy Guide for TPRM Professionals) and the related resources referenced throughout provide a Third Party Risk Management focused approach. The...
“Put yourself in their shoes…” is a commonplace reminder to practice empathy. You must put on someone else’s shoes (and then walk a mile) to understand how someone thinks and to gain a sense of the landscape in which this...
and...Third Party Risk Managers Everywhere Should Pay Attention! Third-party risk managers should be paying attention to important ESG regulatory developments in the European Union, where two pieces of regulation became effective within the last month and one more may be...
Have you discovered who you truly are? Did you take the Myers-Briggs? Do you know your sign? Abilities, attributes, and astrology be darned - to an identity thief, you just represent a unique set of numbers and the opportunity to...
Our UK / EU and US Steering Committees provide governance on Committees and Products development, help to set the annual agenda for the Shared Assessments program, and provide leadership for all major initiatives undertaken by the Shared Assessments Program Committees....
Andrew Moyad (CEO, Shared Assessments) recently sat down with Michael Crawford (Head of Operations, Opstream) to talk about his risk management career. This blog post presents outtakes from the interview, exploring Andrew's winding career path (along with a few laughs)....
Shared Assessments is pleased to announce that the Standard Information Gathering Questionnaire (SIG) 2023 mapping is now incorporated into the Secure Controls Framework (SCF) catalog of controls version 2022.3. This was a collaborative endeavor between Shared Assessments and the SCF....
Data zips across the Atlantic over submarine communications cables and pings across the sea to and from satellites at light speed. These transatlantic data flows are critical to the economic relationship between the United States and the European Union: The...
Across the northern hemisphere, temperatures are dropping, trees are transitioning color, and the 2023 Shared Assessments Third Party Risk Management Product Suite has arrived with changes! Responsive to the regulatory and risk environment, enhancements to the 2023 TPRM Product Suite...